select_vars: Selective use of default "$PWD/pki/vars"

If either EASYRSA or EASYRSA_PKI is already defined when searching for default "$PWD/pki/var" then ignore this default vars file. If EASYRSA_PKI is defined then do not load a vars file from a different PKI. If EASYRSA is defined then do not load a vars file from any PKI. Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2023-09-29 18:58:29 +01:00 · 2023-09-29 18:58:29 +01:00 · edcc61c49b
commit edcc61c49b
parent 9db0671d70
1 changed files with 4 additions and 1 deletions
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@ -5642,7 +5642,10 @@ select_vars() {
 		fi

 		# Default PKI; if vars exists, use it ONLY
-		if [ -e "$PWD/pki/vars" ]; then
+		if [ -e "$PWD/pki/vars" ] && \
+			[ -z "$EASYRSA_PKI" ] && \
+			[ -z "$EASYRSA" ]
+		then
 			# Prevent vars from changing expected PKI.
 			# A vars in the PKI MUST always imply EASYRSA_PKI
 			# This is NOT backward compatible